KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 29, 2024 10:00:25 GMT -5
Or you could get a luchador mask and become "the masked reviewer". My third book is going to press this month or next, and I have a list of potential writing projects coming up: * Layers of Protection Analysis - Worked Examples with Explanations * Co-write a textbook on Process Safety Management of Highly Hazardous Chemicals for the Masters Degree program at Southeastern Louisiana University * Resume some (few) audio reviews for the Secrets of Home Theater and High Fidelity website * Write an undergraduate textbook - Chemical Process Safety for Engineers * Other projects are flitting around like a cloud of gnats - I'll need to pick and choose carefully. Glenn Well if you choose resuming audio reviews, liven up your life by reviewing some Tekton speakers. After retaining a good lawyer, of course.
|
|
KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 29, 2024 10:37:53 GMT -5
Believe it or not a computer is actually a rather technical sort of thing... Figuring out where the IP address goes isn't really any more technical than figuring out where to put the chain oil on your chainsaw. (And, if someone can't figure out where to put the chain oil, then maybe they shouldn't be using a chainsaw.) However, all kidding aside, a NAS is generally considered to be a rather technical computer accessory. There is an old story that dates back to when "networking" was first added to Microsoft Windows. It seems that, in the first version of Windows where networking was possible, at the default settings every Internet user could see every other computer on the Internet. This meant that, at the default settings, you could do a "search" and see every file, in every folder, on every computer, running Windows on the ENTIRE Internet... There weren't all that many computers on the Internet back then so it wasn't as absurd as it sounds nowadays... But some folks were pretty shocked when they noticed... (it was sort of like discovering that your basement door didn't have a lock... when you hadn't previously realized that you had a basement.) I would also add that THESE DAYS people are a lot more "aware of" or "obsessed with" privacy and security (depending on how you feel about it). And, as far back as I can remember, a NAS was always something that was expected to be set up and configured by "someone who knew what they were doing". But, in many situations, a NAS is used to store a large amount of data, some of which may be considered to be "public", but other of which is considered to be "very private". And one of the points of using "a serious NAS" is that you have very powerful and detailed control over who can access what. And, to be quite blunt, companies like Synology don't want to get blamed when an inexperienced user discovers that the security settings on his NAS are NOT giving him what he expects. (They assume that you might well have a mix of stuff that you don't consider private and stuff that you consider very private on that NAS... so they're going to force you to pay attention to which is which.) They're not going to set the default to "allow all"... Then have you get mad when your neighbor deletes your favorite album... Or when you find out that he can see your bank books along with your movies... Because YOU gave admin access to all users instead of limiting guests to read-only and limiting access to that banking folder... Or you didn't realize that, by opening that port so you can play music on your phone, you also gave access to your neighbor... (So, rather than offer defaults that may have unexpected consequences, they'd rather force you to learn enough to actually set it up the way you want to.) With a NAS you're better off learning all that stuff now... Rather than finding out later that you got something that actually matters wrong... I should also point out that AT LEAST now they ask you all those questions... A few decades ago, they didn't bother to ask, and it just wouldn't work until YOU figured out what needed to be configured to get it up and running. I think a lot of confusion is created by the Synology setup process... But of course, this is pie in the sky - What manufacturer wants to bother with the programming needed for user-friendly setup? Just throw it all at the wall and see what sticks! Bah Humbug - Boom I've noticed that a lot of tech instructions to setup computer-related things are written by those knowledgable in how to do it FOR those knowledgable in how to do it. So, they throw in useful lingo like, "next, gnarfle the garthok and proceed to the next step" At which point, I say "huh?" PS - ever heard the old saying "nothing is hard to do if you know how to do it"? It applies to situations like you are facing. Once you know...you'll know! Mark
|
|
klinemj
Emo VIPs
Honorary Emofest Scribe
Posts: 14,772
|
Post by klinemj on Apr 29, 2024 13:44:20 GMT -5
Believe it or not a computer is actually a rather technical sort of thing... Yes it is...and many people providing technical products provide woefully awful instructions. And - one thing I've noticed about Windows...it's come a long way since I first used the first version "way back". But, there's 1 thing that's still in pretty bad shape: file sharing. Sometime during the Windows 8 or 10 days, I added an external USB drive to 1 of my computers and wanted to share it to various other devices. One would think that making the computer "discoverable" on the network would be enough. But no...my other computers and devices couldn't see it. So...it's a journey into settings and also the control panel to change various things, and "ta-dah...it finally works". Luckily, I know how to do it now. Per my comment to Boom..."nothing's hard to do if you know how to do it". LOL! Mark
|
|
klinemj
Emo VIPs
Honorary Emofest Scribe
Posts: 14,772
|
Post by klinemj on Apr 29, 2024 13:47:43 GMT -5
klin? Will the SOFABATON remote address those Roku buttons or do you have to 'add' them thru a learning routine? I don't know...don't have that remote. Logically, I use a Logitech, LOL! But, it plays nice with Roku. Mark
|
|
|
Post by Boomzilla on Apr 29, 2024 13:48:50 GMT -5
Believe it or not a computer is actually a rather technical sort of thing... Figuring out where the IP address goes isn't really...technical... However, all kidding aside, a NAS is generally considered to be a rather technical computer accessory. And at one time, 90% or more of the NAS purchasers were IT professionals who didn't need much coaching to set up their network (or network storage). That has changed. Let's consider the facts. 90% or more of NAS purchasers NOW are not IT professionals. The vast majority of them aren't familiar with IP addresses. Synology (and, apparently other NAS makers) have at least started to figure this out. The "Quick Start Guide" that comes with a Synology gives excellent and illustrated instructions on how to populate the NAS with drives and prepare it for connection. But THEN, the Synology people (and I'll assume that they're typical), refer the customer to a website. And there, things fall apart rapidly. Yes, the manufacturer asks the customer questions about how the NAS is to be used, but the subsequent questions ignore the answers to the "introductory" questions. It doesn't matter if the customer says their NAS is for home use, the full gamut of questions is subsequently asked (most don't apply for home use at all). The full range of questions tend to take the user away from simplicity and into waters where, even if the defaults are used, leave the user with FAR more security and FAR more complexity than is needed. The important question that is NOT asked includes: Will there be any data on this drive that is confidential? Examples include tax returns, banking information, personal data that you don't want exposed, etc. If the user anticipates nothing on the drive except family photos and/or music files, then there's no need to further question the user about firewalls, security passwords, authorized users, etc. ...They're not going to set the default to "allow all"... Nor should they. But that option SHOULD be offered for those who need it. ...With a NAS you're better off learning all that stuff now rather than finding out later that you got something that actually matters wrong... I'm perfectly willing to "learn all that stuff now," but the Synology website isn't set up that way. There isn't any (that I could see) tutorial that explained NAS terminology and security choices. Instead, as soon as you entered your drive model, you're off to the races with no further explanations. It's no surprise that many have difficulty. I'd also point out that the majority of instructions encountered in the Synology setup instructions are specific to the Windows operating system. This makes additional confusion for anyone not running Windows. All's well that ends well, but this could have been a much smoother installation with just a little more coaching from Synology. Boom [/quote]
|
|
klinemj
Emo VIPs
Honorary Emofest Scribe
Posts: 14,772
|
Post by klinemj on Apr 29, 2024 13:57:08 GMT -5
And at one time, 90% or more of the NAS purchasers were IT professionals who didn't need much coaching to set up their network (or network storage). That has changed. Let's consider the facts. 90% or more of NAS purchasers NOW are not IT professionals. The vast majority of them aren't familiar with IP addresses. Bingo! I know now how to do find IP addresses, but when I didn't...oh boy... Mark
|
|
KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 29, 2024 16:29:39 GMT -5
I'm afraid I'm going to have to take BOTH sides of this debate... On the one side I do agree that these days a lot of people will be using a NAS for something relatively trivial... But the catch is that you will still be using a relatively complex device that has NOT specifically been "idiot proofed for inexperienced users". (And you really cannot make a device like that totally idiot proof without rendering it pretty useless.) For example, you're planning to install that Synology client on your computer, and so give the NAS access to your computer. Now... do you ever access your bank account using that computer? Are you SURE that, with those security settings, someone couldn't hack your computer through the NAS - for example the next time you type in your bank password? And, if you have to scan your driver's license someday, do you think you might put that on the NAS (remembering that, right now, you're saying that "it doesn't need much security".) And wouldn't it suck if, someday soon, you got an e-mail saying that "we've hacked your NAS and encrypted your music library; pay us $492 in BitCoin if you ever want to hear it again". (That is actually happening - right now - to some folks who don't have their phones properly secured... it really is a thing.) And did you know that your NAS is actually a computer of sorts? (That means that, if you fail to set it up securely, someday someone could hijack it, and use it to send spam, or host a pirate website, or who knows what else.) I'm not trying to scare you here... and most of those things are at least sort of unlikely to actually happen... But this is the reason why they insist on YOU knowing the answers to all those pesky security questions. (And why the correct answers are sort of important.) It might be nice of Synology had a "low security NAS just for stuff like Roon"... And it had all preset security setting that were appropriate... and all of the unnecessary stuff "locked down"... But, at least for now, they do not... (Perhaps Roon could come out with a custom secure Roon configuration for Synology NAS...) The issue is that... right now... You're probably right and a significant percentage of the people who buy a NAS don't PLAN to store anything confidential on it. But I'd bet money that, if you check back in a year, MOST of them WILL have put some confidential stuff on there, and will ASSUME that it's safe there... People frequently fail to anticipate things like that... and they won't bother to reconfigure their security later "just for that one tax return"... It's kind of like not putting a lock on your garage door "because you don't plan to put anything in there someone would steal"... (And those questions are equivalent to the reason that pretty much ALL doors come with a place to install a lock.) (Those introductory questions were probably written by a different guy... who KNEW that you'd have to answer ALL the questions eventually.) Believe it or not a computer is actually a rather technical sort of thing... Figuring out where the IP address goes isn't really...technical... However, all kidding aside, a NAS is generally considered to be a rather technical computer accessory. And at one time, 90% or more of the NAS purchasers were IT professionals who didn't need much coaching to set up their network (or network storage). That has changed. Let's consider the facts. 90% or more of NAS purchasers NOW are not IT professionals. The vast majority of them aren't familiar with IP addresses. Synology (and, apparently other NAS makers) have at least started to figure this out. The "Quick Start Guide" that comes with a Synology gives excellent and illustrated instructions on how to populate the NAS with drives and prepare it for connection. But THEN, the Synology people (and I'll assume that they're typical), refer the customer to a website. And there, things fall apart rapidly. Yes, the manufacturer asks the customer questions about how the NAS is to be used, but the subsequent questions ignore the answers to the "introductory" questions. It doesn't matter if the customer says their NAS is for home use, the full gamut of questions is subsequently asked (most don't apply for home use at all). The full range of questions tend to take the user away from simplicity and into waters where, even if the defaults are used, leave the user with FAR more security and FAR more complexity than is needed. The important question that is NOT asked includes: Will there be any data on this drive that is confidential? Examples include tax returns, banking information, personal data that you don't want exposed, etc. If the user anticipates nothing on the drive except family photos and/or music files, then there's no need to further question the user about firewalls, security passwords, authorized users, etc. ...They're not going to set the default to "allow all"... Nor should they. But that option SHOULD be offered for those who need it. ...With a NAS you're better off learning all that stuff now rather than finding out later that you got something that actually matters wrong... I'm perfectly willing to "learn all that stuff now," but the Synology website isn't set up that way. There isn't any (that I could see) tutorial that explained NAS terminology and security choices. Instead, as soon as you entered your drive model, you're off to the races with no further explanations. It's no surprise that many have difficulty. I'd also point out that the majority of instructions encountered in the Synology setup instructions are specific to the Windows operating system. This makes additional confusion for anyone not running Windows. All's well that ends well, but this could have been a much smoother installation with just a little more coaching from Synology. Boom [/quote]
|
|
KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 29, 2024 16:36:42 GMT -5
As for all the hoops you have to jump through... That's MOSTLY in response to the fact that people don't like the idea that "everyone else can automatically see everything I plug into a drive". So, in fact, because of this, they've been adding the security stuff to Windows that used to only be required on "serious networks". These days most people are more worried about "accidentally sharing stuff they didn't want to" than they are about "sharing the stuff the DO want to". They've gone to great lengths to make sure that you won't accidentally share something that you don't want to... And, at the same time, made sure that it's difficult to turn on, so some program can't turn it on behind your back... Believe it or not a computer is actually a rather technical sort of thing... Yes it is...and many people providing technical products provide woefully awful instructions. And - one thing I've noticed about Windows...it's come a long way since I first used the first version "way back". But, there's 1 thing that's still in pretty bad shape: file sharing. Sometime during the Windows 8 or 10 days, I added an external USB drive to 1 of my computers and wanted to share it to various other devices. One would think that making the computer "discoverable" on the network would be enough. But no...my other computers and devices couldn't see it. So...it's a journey into settings and also the control panel to change various things, and "ta-dah...it finally works". Luckily, I know how to do it now. Per my comment to Boom..."nothing's hard to do if you know how to do it". LOL! Mark
|
|
klinemj
Emo VIPs
Honorary Emofest Scribe
Posts: 14,772
|
Post by klinemj on Apr 29, 2024 16:40:21 GMT -5
As for all the hoops you have to jump through... That's MOSTLY in response to the fact that people don't like the idea that "everyone else can automatically see everything I plug into a drive". So, in fact, because of this, they've been adding the security stuff to Windows that used to only be required on "serious networks". These days most people are more worried about "accidentally sharing stuff they didn't want to" than they are about "sharing the stuff the DO want to". Well...blah, blah, blah...they could handle it a LOT better! As in..."are you sure...are you really sure...are you really really sure? Burying what needs to be done in multiple places? Nope...especially when their own site buries what to do. No excuse for that. Mark
|
|
|
Post by Boomzilla on Apr 29, 2024 18:55:17 GMT -5
Mr. Kline is spot-on. This COULD and SHOULD have been much easier. Despite what you may think of me, I’m no dummy when it comes to computers. In addition, my measured IQ has been tested consistently between 138 and 142 (approximately two standard deviations above the mean). If I struggle to set up a NAS-RAID, how much more difficult must it be for most others? The sad thing about this is that it’s mostly avoidable. The Synology RAID I bought is a CONSUMER PRODUCT - not a business box. With only two drive bays and severe limits on the drive capacity that can be installed, my Synology box isn’t intended for businesses (or IT professionals). And the information needed to simplify consumer access to a simple, secure, and trouble-free setup could easily be provided to Synology’s customers for minimal expense. What’s needed? I’m so glad you asked, KeithL instead of more pages of lectures about the perils of inadequate cybersecurity. Consumers need a “Read this first” file that is written to a reading level that average consumers can understand. The file should offer a glossary of terms with simple explanations. The file should explain which settings are critical to data security, and what could happen if those settings are wrong. When doing the actual setup of the NAS, the process should coach the user, “You will need to access the device in the future with this username and password - WRITE THESE DOWN so you’ll have them when you need them!” “You’ve opted not to enable this security feature - click here to review the potential hazards of this choice. If, after reviewing the implications of your choice, you still want to omit this security feature, click here to continue setup without this feature. Should you choose to implement this feature in the future, go to the “Setup” tab in the Synology menu, and select ‘review security settings’.” This level of information and coaching would encourage the average user to not only make better choices, but also to get their new Synology device up and running with a minimum of confusion. And there’s absolutely no reason for Synology (and other high-technology companies) NOT to help their customers through setup with straightforward instructions. Finis
|
|
|
Post by leonski on Apr 29, 2024 20:26:43 GMT -5
I'm IN for the Hazardous chems / gasses and other nasty sh**.
Since I only have 30+ years experience and some awful stories, I may help
with some obscure detail.....
My fab even suffered a LARGE leak of HF Acid.......I'll provide any detail offline,
But suffice it to say that Lives Changed that day.......and you should follow instructions!
|
|
|
Post by leonski on Apr 30, 2024 0:40:56 GMT -5
Boom? Amost all instructions are being written by persons who know the stuff at near-expert level.
Maybe the OWC Raid enclosure would be easier to install and tha maintain....
I've got a Ham Radio. A Baoefeng UV5r which is on the least $$$ side of the spectrum. But it does have a full
list of features which are all alphabetsoyup to me.....Tone codes? Repeater plus or minus frequency?
Half a dozen other items on the list.....makes first time or new user setup a miserable experience.
|
|
|
Post by oldwood on Apr 30, 2024 7:03:26 GMT -5
Mr. Kline is spot-on. This COULD and SHOULD have been much easier. Despite what you may think of me, I’m no dummy when it comes to computers. In addition, my measured IQ has been tested consistently between 138 and 142 (approximately two standard deviations above the mean). If I struggle to set up a NAS-RAID, how much more difficult must it be for most others? The sad thing about this is that it’s mostly avoidable. The Synology RAID I bought is a CONSUMER PRODUCT - not a business box. With only two drive bays and severe limits on the drive capacity that can be installed, my Synology box isn’t intended for businesses (or IT professionals). And the information needed to simplify consumer access to a simple, secure, and trouble-free setup could easily be provided to Synology’s customers for minimal expense. What’s needed? I’m so glad you asked, KeithL instead of more pages of lectures about the perils of inadequate cybersecurity. Consumers need a “Read this first” file that is written to a reading level that average consumers can understand. The file should offer a glossary of terms with simple explanations. The file should explain which settings are critical to data security, and what could happen if those settings are wrong. When doing the actual setup of the NAS, the process should coach the user, “You will need to access the device in the future with this username and password - WRITE THESE DOWN so you’ll have them when you need them!” “You’ve opted not to enable this security feature - click here to review the potential hazards of this choice. If, after reviewing the implications of your choice, you still want to omit this security features, click here to continue setup without this feature. Should you choose to implement this feature in the future, go to the “Setup” tab in the Synology menu, and select ‘review security settings’.” This level of information and coaching would encourage the average user to not only make better choices, but also to get their new Synology device up and running with a minimum of confusion. And there’s absolutely no reason for Synology (and other high-technology companies) NOT to help their customers through setup with straightforward instructions. Finis I agree, the manuals are very poor and do not spell out the risks of some of the options they promote. I use a Linux PC, so my solution may not be useful, but I found having the NAS on a static IP set up through the router, so the IP does not ever change is required. I have all the folders I use on the NAS mounted as drives on boot through the fstab configuration file in Linux. This allows me to access all the folders like local drives without having to log in to the NAS. It also allows me to browse to those folders with other programs through a local folder where the drives are mounted.
I disabled remote access outside the local network because of the security risks. It is not something I need on a regular basis and is not worth the risk in my opinion.
I set up a Synology NAS for an in law and managed to have the folders mounted on boot, but do not remember the process. I am not well-informed about Mac or Windows procedures.
Once you get by the pain of setting it up, they are very useful. I would not want to do without one now I have used it for a number of years.
|
|
KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 30, 2024 9:24:40 GMT -5
I disagree with Boomzilla... And I think that "the market has gotten ahead of the reality"... To most people I know who have a lot of experience with computers... "For large volumes of simple reliable storage the ideal solution is a simple RAID cabinet... connected to a single computer." "A NAS is very useful... but requires considerable knowledge to set up properly and securely... and should only be used if you require the additional capabilities it offers." When I say that "the market has gotten ahead of the reality" what I mean is that what customers EXPECT, and what companies PROMISE, often exceed what is actually POSSIBLE. For example, people want "simple secure online banking", and every bank promises exactly that, when in fact, with current technology, the two are to a degree mutually exclusive. The reality is that "you can have one, or the other, or a little of each... but you can't have both"... but "nobody wants to hear that". In the context of this discussion... People want "a box that is easy to set up, that they can access from everywhere they want to, but that is still secure". And, to put it bluntly, it is impossible to satisfy all of those requirements at the same time. Once you connect something to a network, and want it to be accessed over the network, things like security get "complicated"... (And there is no way to "un-complicate" them without giving up a lot of capabilities.) In this case, if you want simplicity, and you don't need network access, then the simplest solution is NOT a NAS. Please note that I agree with oldwood... A NAS is very useful... and can be quite handy... once you understand how it works... and accept that you're going to have to "administer it"... But it is NOT by any means the simplest solution. And it does, in fact, involve a bit of a learning curve... (It's more like learning how to use a new type of computer than like learning how to use a new flashlight.) I DECIDED TO ADD A PROPER RESPONSE TO BOOMZILLA'S QUESTION... However, upon reflection, I think he's already answered his own question to a significant degree. You need to connect the device to the network, choose what sort of address you want to use, and create an administrator name and password. And, if you want to, you might want to create multiple volumes, or choose a specific type of RAID to implement.) However, once you get past that, ANY settings involving who has access, and how access is controlled, qualify as "critical to data security". And, to make matters more complicated, many of them will depend on the other equipment you have (for example Roon will require different options than Volumio). (And, at that point, there's no way to understand the nuances of the situation, and the various tradeoffs, without getting into a lot of technical details.) However I do have one suggestion... I'll bet you can find many of those details, and suggestions related to them, if you Google "connecting Roon to a Synology NAS". Like what I found here: community.roonlabs.com/t/how-to-connect-synology-nas-to-roon/95985NOTE: Since your Synology NAS actually contains a computer you can install and run Roon Core *ON* the NAS. However, since the computer in the NAS is relatively low in processing power, you DO NOT want to do this. (Sorry... but it is Roon that is offering these complicated options... ) Mr. Kline is spot-on. This COULD and SHOULD have been much easier. Despite what you may think of me, I’m no dummy when it comes to computers. In addition, my measured IQ has been tested consistently between 138 and 142 (approximately two standard deviations above the mean). If I struggle to set up a NAS-RAID, how much more difficult must it be for most others? The sad thing about this is that it’s mostly avoidable. The Synology RAID I bought is a CONSUMER PRODUCT - not a business box. With only two drive bays and severe limits on the drive capacity that can be installed, my Synology box isn’t intended for businesses (or IT professionals). And the information needed to simplify consumer access to a simple, secure, and trouble-free setup could easily be provided to Synology’s customers for minimal expense. What’s needed? I’m so glad you asked, KeithL instead of more pages of lectures about the perils of inadequate cybersecurity. Consumers need a “Read this first” file that is written to a reading level that average consumers can understand. The file should offer a glossary of terms with simple explanations. The file should explain which settings are critical to data security, and what could happen if those settings are wrong. When doing the actual setup of the NAS, the process should coach the user, “You will need to access the device in the future with this username and password - WRITE THESE DOWN so you’ll have them when you need them!” “You’ve opted not to enable this security feature - click here to review the potential hazards of this choice. If, after reviewing the implications of your choice, you still want to omit this security features, click here to continue setup without this feature. Should you choose to implement this feature in the future, go to the “Setup” tab in the Synology menu, and select ‘review security settings’.” This level of information and coaching would encourage the average user to not only make better choices, but also to get their new Synology device up and running with a minimum of confusion. And there’s absolutely no reason for Synology (and other high-technology companies) NOT to help their customers through setup with straightforward instructions. Finis I agree, the manuals are very poor and do not spell out the risks of some of the options they promote. I use a Linux PC, so my solution may not be useful, but I found having the NAS on a static IP set up through the router, so the IP does not ever change is required. I have all the folders I use on the NAS mounted as drives on boot through the fstab configuration file in Linux. This allows me to access all the folders like local drives without having to log in to the NAS. It also allows me to browse to those folders with other programs through a local folder where the drives are mounted. I disabled remote access outside the local network because of the security risks. It is not something I need on a regular basis and is not worth the risk in my opinion. I set up a Synology NAS for an in law and managed to have the folders mounted on boot, but do not remember the process. I am not well-informed about Mac or Windows procedures.
Once you get by the pain of setting it up, they are very useful. I would not want to do without one now I have used it for a number of years.
|
|
|
Post by Boomzilla on Apr 30, 2024 10:13:54 GMT -5
I agree with KeithL that as you desire more flexibility from a NAS, that the security issues increase exponentially. However, if you want only connectivity inside your home network, the same router firewall that keeps intruders out of your home machine (and network) also keeps intruders out of your NAS. Am I mistaken in this? If you have a single external USB HDD connected to your computer, the data there is (usually) considered sufficiently safe behind your router from internet attacks. Provided your NAS is behind the same firewall, shouldn't it be equally protected? I'm glad that there's good information on the Roon user forums about connecting to a Synology NAS. If one's intention is to connect Roon, and only Roon to the NAS, then it's quite valuable. But shouldn't Synology offer better information about the general setup and protection of their own products (not used exclusively by Roon)? I think so.
|
|
|
Post by marcl on Apr 30, 2024 10:40:05 GMT -5
I agree with KeithL that as you desire more flexibility from a NAS, that the security issues increase exponentially. However, if you want only connectivity inside your home network, the same router firewall that keeps intruders out of your home machine (and network) also keeps intruders out of your NAS. Am I mistaken in this? If you have a single external USB HDD connected to your computer, the data there is (usually) considered sufficiently safe behind your router from internet attacks. Provided your NAS is behind the same firewall, shouldn't it be equally protected? I'm glad that there's good information on the Roon user forums about connecting to a Synology NAS. If one's intention is to connect Roon, and only Roon to the NAS, then it's quite valuable. But shouldn't Synology offer better information about the general setup and protection of their own products (not used exclusively by Roon)? I think so. The discussion reminded me to look ... I had not installed Antivirus Essential on my Synology boxes, so I did, and initiated scans Over half million files and 30TB .... this may take a minute
|
|
|
Post by leonski on Apr 30, 2024 11:52:30 GMT -5
I agree with KeithL that as you desire more flexibility from a NAS, that the security issues increase exponentially. However, if you want only connectivity inside your home network, the same router firewall that keeps intruders out of your home machine (and network) also keeps intruders out of your NAS. Am I mistaken in this? If you have a single external USB HDD connected to your computer, the data there is (usually) considered sufficiently safe behind your router from internet attacks. Provided your NAS is behind the same firewall, shouldn't it be equally protected? I'm glad that there's good information on the Roon user forums about connecting to a Synology NAS. If one's intention is to connect Roon, and only Roon to the NAS, then it's quite valuable. But shouldn't Synology offer better information about the general setup and protection of their own products (not used exclusively by Roon)? I think so. The discussion reminded me to look ... I had not installed Antivirus Essential on my Synology boxes, so I did, and initiated scans Over half million files and 30TB .... this may take a minute (MUSIC from Jeopardy)
|
|
|
Post by marcl on Apr 30, 2024 11:53:51 GMT -5
The discussion reminded me to look ... I had not installed Antivirus Essential on my Synology boxes, so I did, and initiated scans Over half million files and 30TB .... this may take a minute (MUSIC from Jeopardy) 41,000 files scanned ... 4% done!
|
|
KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 30, 2024 13:37:18 GMT -5
Yes... and no... You're getting near the edge of where things become somewhat more complicated. To start with your router firewall does not totally protect you. (You absolutely want to have a good lock on your front door... but people do still get robbed every day.) As for "a firewall protecting you from being attacked from outside"... that is largely a myth. Very few home networks these days get hacked by someone doing the equivalent of "trying doorknobs"... It still happens... but only accounts for something like 25% of "home network hacks" these days. Most people facilitate their own demise when they click on a suspicious e-mail, or on an untrustworthy link, or actually respond to a dubious e-mail. When you do that you are running a program inside your firewall... And, unless your firewall happens to recognize the threat, it will actually open a port to allow the reply to get back in... (that's how websites work). (This is where you hope that, if you have done something risky, it will be among the 90% or so of the threats that your firewall will recognize and block.) The problem is that you don't REALLY want Roon and your NAS "safe and secure behind your firewall". Because you WANT Roon to be able to get updates, and collect album information, and you WANT to be able to connect to Roon from your phone. If you want "real good security" then connect Roon, your NAS, and your player to a router... and DON'T connect it to the Internet (or block it at the router). But, if you were to try to do that, you would quickly find that a lot of the stuff you care about no longer works. I'm NOT trying to be alarmist... your risk as an individual is pretty low... especially if you avoid outright risky behavior. I'm just pointing out that they don't offer "simplified end-user instructions" for the same reason that Adobe stopped including printed manuals... Their product is so complex, and is used in so many different ways, that it would be too much work to cover all the permutations and possibilities... So, instead, they provide a spec sheet, and some hints, and assume that you'll either already know the rest or will look it up (or take a class). I agree with KeithL that as you desire more flexibility from a NAS, that the security issues increase exponentially. However, if you want only connectivity inside your home network, the same router firewall that keeps intruders out of your home machine (and network) also keeps intruders out of your NAS. Am I mistaken in this? If you have a single external USB HDD connected to your computer, the data there is (usually) considered sufficiently safe behind your router from internet attacks. Provided your NAS is behind the same firewall, shouldn't it be equally protected? I'm glad that there's good information on the Roon user forums about connecting to a Synology NAS. If one's intention is to connect Roon, and only Roon to the NAS, then it's quite valuable. But shouldn't Synology offer better information about the general setup and protection of their own products (not used exclusively by Roon)? I think so.
|
|
KeithL
Administrator
Posts: 9,990
|
Post by KeithL on Apr 30, 2024 13:37:56 GMT -5
Almost as much fun as watching grass grow... 41,000 files scanned ... 4% done!
|
|